[FFmpeg-devel] [PATCH 1/2] avcodec/diracdec: Check perspective_exp and zrs_exp.

Michael Niedermayer michael at niedermayer.cc
Wed Aug 16 22:50:29 EEST 2017 

On Wed, Aug 16, 2017 at 01:47:55PM -0400, Ronald S. Bultje wrote:
> Hi,
> 
> On Aug 15, 2017 3:32 AM, "Michael Niedermayer" <michael at niedermayer.cc>
> wrote:
> 
> Fixes: undefined shift
> Fixes: runtime error: shift exponent 264 is too large for 32-bit type 'int'
> Fixes: 2860/clusterfuzz-testcase-minimized-4672811689836544
> 
> Found-by: continuous fuzzing process https://github.com/google/oss-
> fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> ---
>  libavcodec/diracdec.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/libavcodec/diracdec.c b/libavcodec/diracdec.c
> index f2837aca69..be8b282314 100644
> --- a/libavcodec/diracdec.c
> +++ b/libavcodec/diracdec.c
> @@ -1161,6 +1161,11 @@ static int
> dirac_unpack_prediction_parameters(DiracContext
> *s)
>                  s->globalmc[ref].perspective[0]  = dirac_get_se_golomb(gb);
>                  s->globalmc[ref].perspective[1]  = dirac_get_se_golomb(gb);
>              }
> +            if (s->globalmc[ref].perspective_exp +
> (uint64_t)s->globalmc[ref].zrs_exp > 30) {
> +                av_log(s->avctx, AV_LOG_ERROR, "exp %d %d too large\n",
> s->globalmc[ref].perspective_exp, s->globalmc[ref].zrs_exp);
> 
> 
> This message is utterly unhelpful. Why is it there? Please don't waste
> binary size with crap logs.

If an error occurs, the user should be presented with an error message.
Its also helpfull for debuging to know where an error came from.

But considering this came up in the past and people always insisted
that error messages are removed at any cost. Ill just remove it

thx

[...]
--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If a bugfix only changes things apparently unrelated to the bug with no
further explanation, that is a good sign that the bugfix is wrong.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170816/8d3805c8/attachment.sig>

More information about the ffmpeg-devel mailing list